About
Consulting
Software
Solutions
Support
 
Contact Us
download

Fequently Asked Questions:


Q: I am getting a 'License file not valid' error when logging into fBuilder. Why?
A: This can be caused by ^M characters being appended to the license file. This can happen when the file is received on many web based mail readers or if the machine you received the license on was a Windows based machine. You can remove these ^M characters by typing the following on your Linux box:

perl -pi.bak -e 's/\cM//g' fbuilder.lic

Q: When I log into fBuilder, it forces me to log in over and over. Why?
A: When you install fBuilder you are asked for the name of the machine. You MUST use a qualified name (such as yourmachine.yourdomain.com) and NOT the IP address of the machine. This information will be saved to the .hosts file. When you browse to fBuilder, you will use the same name as is referred to in this file. If you attempt to browse to the IP address of the machine, the session cookie will not work correctly.


Q: I've downloaded a file "fbuilder_plus-2.4.7.tar.tar" and failed to extract using tar program in the linux shell. This is the command i've typed: tar xf fbuilder_plus-2.4.7.tar.tar The system returned: "THIS DOES NOT LOOK LIKE A TAR ARCHIVE SKIPPING TO NEXT HEADER ARCHIVE CONTAINS OBSOLESCENT BASE-64 HEADER ERROR EXIT DELAYED FROM PREVIOUS ERRORS". Could you tell me what wrong going with this?
A: For some reason Windows machines are changing the name of the file when it is downloaded. The file SHOULD be a tar.gz file and should untar clean with a tar -xzvf.

Q: I am getting 'Couldn't open .interfaces: Permission denied at PERL2EXE_STORAGE/fbuilderLib.pm line 418' when I try setting the interfaces on the wizard. Why?
A: This can happen if the /usr/local/fbuilder directory is not owned by the fbuilder:fbuilder user:group. To remedy this, type:

chown fbuilder:fbuilder /usr/local/fbuilder

You may also have to rm /usr/local/fbuilder/.interfaces if the file exists, kill the boa process, and restart boa before trying again.

Q: When attempting to start Boa, I get a 'could not open mime.types file' error. Why?
A: You will need to look in your boa.conf file and look for a variable called 'MimeTypes'. By default, this is set to "etc/mime.types". If your mime.types file does not reside in this location, you will need to point the variable to the location of your mime.types file.

Q: How do I uninstall fBuilder?
A: You can just delete the /usr/local/fbuilder directory for the Lite or 2.2.6 versions. If you are running 2.4.x, you should also check for a file called loadmods.pl that should be located in the /root directory.

Q: When attempting to access fBuilder, I receive a 'License not found' error
A: This can happen for a couple of reasons. A file called fbuilder.lic is emailed to the address that was provided when you downloaded the product. If you do not receive this license (but provided a valid email address when downloading) please contact support. Once you receive the license, you must copy it to /usr/local/fbuilder for the product to work. If you continue to get the error after copying the file, try to kill the boa process by typing 'ps -awux | grep boa' to get the process id and then type 'kill '. Once boa has been stopped, you can start it again by typing '/usr/local/fbuilder/boa'.

Q: Does fBuilder work with apache?
A: In order to get fBuilder running with Apache, you'll need to set up Apache to allow execution of cgi scripts in what ever directory you put fBuilder in... Depending on your version of Apache, there may be a number of files to edit. In the latest stable version of Apache (1.3.12 as of this writing) the default file for everything you'll need to do is httpd.conf. Basically you are looking for the following lines:

AddHandler .cgi

If it's commented out with a pound (#) sign before it, uncomment it by removing the pound (#) sign.

There will also be access permissions to set up so that Apache will allow execution of cgi scripts in a non cgi-bin directory. Set up the following directive somewhere in the httpd.conf file:

<Directory /path/to/fbuilder/>
AllowOverride All
Options ExecCGI
</Directory>

If your web server is running as 'nobody', you will need to change the permissions on the fbuilder directory so that it's owned by nobody and you will also need to change the ownership of the fw-init file.

chown nobody.nobody /path/to/fbuilder
chown nobody.nobody /path/to/fbuilder/fw-init

If you get any "permission denied" errors while using fBuilder in this configuration, find out what was trying to be accessed by viewing your apache error log, then change the owner of that file to nobody...

There are a couple fo files which you should NOT change the permissions or ownership of, most notable is fBuilder_chains, execute_script.pl and fParse.cgi. These files need to be owned by root with permissions set to 04755 (-rwsr-xr-x).

That should be all there is to setting up fBuilder with Apache...

Q: How do I maintain a firewall script, once generated.
A: If you want to insert/edit/delete/move any of the rules in your live firewall, you can do it through the "View Options', 'View Firewall' area. Clicking the arrows will move the rule. Click insert to insert a rule. Click Edit to edit or delete a rule.

If you want to add a rule to an empty chain or want to append a rule to the bottom of a chain, you can click 'New Rule' from the 'Edit firewall' menu and create your new rule.

Once all of your changes have been made, go back to the 'View Firewall' screen and click 'Save Firewall' to save it and 'Export to rc.firewall' to create a rc.firewall script that can be run at boot time.

Q: I am finding the creation of new rules very difficult because I am just not that familiar with the ipchains and iptables lingo and low level functionality. You product seems to work fine after going through the firewall wizard, but I cant open other ports and don't really know how.
A: To create a rule, you have three options:
1 - You can always use the Wizard again to add items to your list of incoming and outgoing rules. The Wizard will remember what you did the first time so that you don't need to do everything again, only add the new services.
2 - You can use the Insert Rule from the 'view firewall' screen
3 - You can use 'New rule'

Basically the New Rule and Insert rule work the same except the New Rule allows you to pick the chain and the rule gets appended to the end of the chain. The Insert Rule will insert the rule to the location where you clicked 'insert' and, of course, will be in that chain.

As for what goes where:
If you want services from the internet to come into that box (i.e - if you want to run a web server on there) you would want to add an Input rule. If you want to get from that box out (if you want view web pages on the internet) you would want an output rule. If you want people to pass through that box (acting as a router) you will create Forward rule.

The nitty gritty:
If you want to just add access to the outside world on port 1234 for everyone on your network, you can hit the insert button in the Forward chain, put 1024:65535 in your source ports, 1234 in Destination Ports, the target is ACCEPT, protocol is TCP, in fBuilder 2.2.x you will want to check 'Create back traffic rule', and finish by clicking 'add new rule'. With 2.4.x you will not need back traffice rules as this is handled by state checking.

Obviously, I picked a very simple example to show you that it does almost everything for you. If you only want to allow 1234 to a machine on the internet that has an address of 123.123.123.123, you can just add that ip to the destination address. etc, etc.

Q: I'm try to create multiple fixed NAT mappings between a fixed public address and a fixed internal (private) address. How might I acheive this with fbuilder plus 2.4? (ie: 123.123.1.100 >> 192.168.1.100)
A: This would be done through 'Edit Firewall' >> 'New Rule'. Once in this screen, Add the following items:

1 - Inbound interface: Set to the NIC that faces the internet (i.e - eth0)
2 - Destination IP Address: Set to the address that people on the outside will use (i.e - 123.123.1.100)
3 - Nat to IP address: Set to the address the packet is destined for (i.e. - 192.168.1.100)
4 - Rule Type = Prerouting
5 - Target = DNAT
6 - Protocol = ALL (you can make this TCP or UDP only if you don't want to redirect all packets)
7 - Click 'Add New Rule'

Once your edits are in place, click 'Save firewall' from the 'View Options' >> 'View Firewall' screen to save your script. You can also export your firewall to a rc.firewall script so you can launch it at boot time from the 'View Firewall' screen.

Q: After I run the Wizard, the firewall rules come up empty?
A: fBuilder expects to see your iptables command in the /sbin directory. If it is located elsewhere (i.e. /usr/local/sbin) you will want to create a link in your /sbin directory to point to your iptables command.

 

Copyright © 2006. InnerTek Software, LLC